- risolto problema della non attesa della PWA durante la chiamata a Node.js.

- risolto problema dell'ambiente in Locale HTTPS certificato installato aggiornato.
2025-03-13 12:05:16 +01:00
parent 65b29a6eee
commit 0017f04e45
12 changed files with 370 additions and 223 deletions
--- a/src/server/models/user.js
+++ b/src/server/models/user.js
@@ -731,7 +731,23 @@ UserSchema.statics.isFacilitatore = function (perm) {
  }
 };

-UserSchema.statics.findByToken = async function (token, typeaccess, con_auth, idapp) {
+/**
+ * Finds a user by their authentication token.
+ *
+ * @param {string} token - The authentication token.
+ * @param {string} typeaccess - The type of access associated with the token.
+ * @param {boolean} con_auth - Whether to continue authentication if the token is expired.
+ * @param {string} idapp - The application ID.
+ * @returns {Promise<Object>} An object containing the user and a status code, indicating
+ *                            whether the token is valid, expired, or invalid.
+ *                            The user object is null if no user is found or the token is invalid.
+ *
+ * This function verifies the provided token and retrieves the corresponding user if the token is valid.
+ * If the token is expired and `con_auth` is false, or if the token is invalid, it returns null for the user.
+ * The status code reflects the validity of the token: valid, expired, or invalid.
+ */
+
+UserSchema.statics.findByToken = async function (token, typeaccess, con_auth, withuser, withlean = false) {
  const User = this;
  let code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN;
  let user = null;
@@ -752,15 +768,44 @@ UserSchema.statics.findByToken = async function (token, typeaccess, con_auth, id
    return { user: null, code };
  }

-  user = await User.findOne({
-    _id: decoded.smart,
-    tokens: {
-      $elemMatch: {
-        token,
-        access: typeaccess,
+  let project = undefined;
+
+  if (withuser) {
+    if (withlean) {
+      user = await User.findOne({
+        _id: decoded.smart,
+        tokens: {
+          $elemMatch: {
+            token,
+            access: typeaccess,
+          },
+        },
+      }, project).lean();  
+    } else {
+      user = await User.findOne({
+        _id: decoded.smart,
+        tokens: {
+          $elemMatch: {
+            token,
+            access: typeaccess,
+          },
+        },
+      }, project);
+      }
+  } else {
+
+    project = { perm: 1, _id: 1, idapp: 1, username: 1, deleted: 1, aportador_solidario: 1, aportador_solidario_nome_completo: 1, 'profile.socioresidente': 1 };
+
+    user = await User.findOne({
+      _id: decoded.smart,
+      tokens: {
+        $elemMatch: {
+          token,
+          access: typeaccess,
+        },
      },
-    },
-  }).lean();
+    }, project).lean();
+  }

  if (user) {
    const checkExpiry = tools.getEnableTokenExpiredByIdApp(user.idapp);
@@ -791,13 +836,13 @@ UserSchema.statics.findByTokenAnyAccess = function (token) {
  }).lean();
 };

-UserSchema.statics.findByCredentials = function (idapp, username, password, pwdcrypted) {
+UserSchema.statics.findByCredentials = async function (idapp, username, password, pwdcrypted) {
  const User = this;
  let pwd = '';

  let regexp = new RegExp(`^${username}$`, 'i');

-  return User.findOne({
+  let user = await User.findOne({
    idapp,
    username: { $regex: regexp },
    $or: [
@@ -811,58 +856,46 @@ UserSchema.statics.findByCredentials = function (idapp, username, password, pwdc
      },
    ],

-  }).then((user) => {
-    if (!user) {
-      // Check if with email:
-      return User.findOne({
-        idapp, email: username.toLowerCase(),
-        $or: [
-          { deleted: { $exists: false } },
-          { deleted: { $exists: true, $eq: false } }],
-      });
-    } else {
-      return !user.deleted || (user.deleted && user.subaccount) ? user : null;
-    }
-  }).then((user) => {
-    if (!user) {
-      // Check with username telegram
-      return User.findOne({
-        idapp,
-        'profile.username_telegram': username.toLowerCase(),
-        $or: [
-          { deleted: { $exists: false } },
-          { deleted: { $exists: true, $eq: false } }],
-      });
-    } else {
-      return !user.deleted || (user.deleted && user.subaccount) ? user : null;
-    }
-  }).then(user => {
-    if (!user)
-      return null;
-
-    pwd = user.password;
-
-    if (pwdcrypted) {
-      if (pwd === user.password) {
-        return user;
-      } else {
-        return false;
-      }
-    }
-
-    return new Promise((resolve, reject) => {
-      // Use bcrypt.compare to compare password and user.password
-      // console.log("pwd1 " + password);
-      // console.log("pwd2 " + pwd);
-      bcrypt.compare(password, pwd, (err, res) => {
-        if (res) {
-          resolve(user);
-        } else {
-          return resolve(null);
-        }
-      });
-    });
  });
+
+  if (!user) {
+    // Check if with email:
+    user = await User.findOne({
+      idapp, email: username.toLowerCase(),
+      $or: [
+        { deleted: { $exists: false } },
+        { deleted: { $exists: true, $eq: false } }],
+    });
+  }
+
+  if (!user) {
+    // Check with username telegram
+    user = await User.findOne({
+      idapp,
+      'profile.username_telegram': username.toLowerCase(),
+      $or: [
+        { deleted: { $exists: false } },
+        { deleted: { $exists: true, $eq: false } }],
+    });
+  }
+
+  if (!user) {
+    return null;
+  }
+
+  pwd = user.password;
+
+  if (pwdcrypted) {
+    if (pwd === user.password) {
+      return user;
+    } else {
+      return false;
+    }
+  }
+
+  const res = await bcrypt.compare(password, pwd) ? user : null;
+
+  return res;
 };

 UserSchema.statics.findByUsername = async function (idapp, username, alsoemail, onlyifVerifiedByAportador) {
@@ -1885,6 +1918,7 @@ UserSchema.statics.getUserProfileByUsername = async function (

  if (perm === tools.Perm.PERM_NONE) {
    whatToShow = {
+      idapp: 1,
      lang: 1,
      index: 1,
      username: 1,
@@ -1935,6 +1969,7 @@ UserSchema.statics.getUserProfileByUsername = async function (

  } else if (perm === tools.Perm.PERM_FRIEND) {
    whatToShow = {
+      idapp: 1,
      lang: 1,
      index: 1,
      username: 1,
@@ -1984,6 +2019,7 @@ UserSchema.statics.getUserProfileByUsername = async function (

  } else if (perm === tools.Perm.PERM_ALL) {
    whatToShow = {
+      idapp: 1,
      lang: 1,
      index: 1,
      username: 1,
@@ -3333,15 +3369,15 @@ UserSchema.statics.setCircuitCmd = async function (idapp, usernameOrig, circuitn
          await telegrambot.sendMsgTelegram(idapp, username_dest, msgDest);

          msgerr = i18n.__('EXCEED_QTAMAX_MITTENTE', username_dest);
-          await telegrambot.sendMsgTelegram(idapp, usernameOrig, msgDest);          
-        }                
+          await telegrambot.sendMsgTelegram(idapp, usernameOrig, msgerr);
+        }

        console.warn('🔴 ATTENZIONE! ', outres.errormsg + '\n(Mittente: ' + usernameOrig + ')');
        // await telegrambot.sendMsgTelegram(idapp, usernameOrig, msgOrig);
-        
+
        // Invia questo msg anche all'Admin
        await telegrambot.sendMsgTelegramToTheAdmin(idapp, outres.errormsg + '\n(Mittente: ' + usernameOrig + ')', true);
-            
+
      }

    } else if ((cmd === shared_consts.CIRCUITCMD.SENDCOINS_ACCEPT) || (cmd === shared_consts.CIRCUITCMD.SENDCOINS_REFUSE)) {
@@ -6295,6 +6331,14 @@ UserSchema.statics.updateLastTimeAndUserAgent = async function (id, useragent) {

  return ris;
 }
+UserSchema.statics.getMyGroupsById = async function (id) {
+  const User = this;
+
+  // cerca lo user by id e ritorna "profile.mygroups"
+  const ris = await User.findOne({ _id: id }, { 'profile.mygroups': 1 }).lean();
+
+  return ris;
+};
 UserSchema.statics.createNewSubRecord = async function (idapp, req) {
  const User = this;